DDoS configuration

Paul version 15 of XG was using a different UI and 3 different types of firewall rules compared to 2.

On current version when you create a firewall rule (not the business application rule) you are creating a network rule (compared to v15). If in the same rule you tick "match know users" the rule becomes a user rule (v15)

Regards

I am using v16.05 (MR6).

I am assuming that one needs to create a new rule specifically to use the IPS DDoS IPS Policy? If so, with what criteria? I only have two incoming rules, one for email (SMTP) and one for HTTPS.

IPS policy can be applied to every firewall rule under the Advanced section as showed above.

Regards

IPS policy can be applied to every firewall rule under the Advanced section as showed above.

Regards

Thanks for your reply - I know where to find it (Advanced, Intrusion Prevention), it was which rule to apply to.

So, I have two inbound rules, one for SMTP and one for HTTPS. I apply this IPS policy to both these rules and every other inbound rule that I create?

Paul,

IPS is resource consuming so pay attention of which signature you add into each IPS profile. Be selective as much as you can. So in this case if you have one firewall rule where SMTP server/client is to be protected, create an IPS Profile where you include only SMTP protection (SMTP server attacks or Client mail attacks) and then create another IPS Profile where you add signature only for the web server you have (IIS, Apache) and so on.

Regards